Vulnerability-Lookup

CVE-2025-20145 (GCVE-0-2025-20145)

Vulnerability from cvelistv5 – Published: 2025-03-12 16:12 – Updated: 2025-03-21 20:32

Title

Cisco IOS XR Software Access Control List Bypass Vulnerability

Summary

A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device. For more information about this vulnerability, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-264 - Permissions, Privileges, and Access Control

Assigner

cisco

References

URL

Tags

	https://sec.cloudapps.cisco.com/security/center/c…
	https://blog.apnic.net/2024/09/02/crafting-endles…

Impacted products

	Vendor	Product	Version
	Cisco	Cisco IOS XR Software	Affected: 6.5.3 Affected: 6.5.2 Affected: 6.5.92 Affected: 6.5.1 Affected: 6.6.2 Affected: 7.0.1 Affected: 6.6.25 Affected: 6.6.1 Affected: 6.5.93 Affected: 7.1.1 Affected: 7.0.90 Affected: 6.6.3 Affected: 7.0.2 Affected: 7.2.1 Affected: 7.1.2 Affected: 7.0.11 Affected: 7.0.12 Affected: 7.0.14 Affected: 6.6.4 Affected: 7.2.12 Affected: 7.3.1 Affected: 7.4.1 Affected: 7.2.2 Affected: 7.3.15 Affected: 7.3.16 Affected: 7.3.2 Affected: 7.5.1 Affected: 7.6.1 Affected: 7.5.2 Affected: 7.8.1 Affected: 7.5.12 Affected: 7.7.1 Affected: 7.3.3 Affected: 7.4.2 Affected: 7.3.4 Affected: 7.6.2 Affected: 7.5.3 Affected: 7.7.2 Affected: 7.9.1 Affected: 7.10.1 Affected: 7.8.2 Affected: 7.5.4 Affected: 7.8.22 Affected: 7.7.21 Affected: 7.9.2 Affected: 7.3.5 Affected: 7.5.5 Affected: 7.11.1 Affected: 7.10.2 Affected: 24.1.1 Affected: 7.3.6 Affected: 7.11.2 Affected: 24.2.1 Affected: 24.1.2 Affected: 24.2.11 Affected: 24.3.1 Affected: 24.4.1 Affected: 24.2.2 Affected: 7.11.21 Affected: 24.2.20 Affected: 24.3.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20145",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-21T20:32:16.967308Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-21T20:32:32.526Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.5.3"
            },
            {
              "status": "affected",
              "version": "6.5.2"
            },
            {
              "status": "affected",
              "version": "6.5.92"
            },
            {
              "status": "affected",
              "version": "6.5.1"
            },
            {
              "status": "affected",
              "version": "6.6.2"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.25"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.5.93"
            },
            {
              "status": "affected",
              "version": "7.1.1"
            },
            {
              "status": "affected",
              "version": "7.0.90"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.1.2"
            },
            {
              "status": "affected",
              "version": "7.0.11"
            },
            {
              "status": "affected",
              "version": "7.0.12"
            },
            {
              "status": "affected",
              "version": "7.0.14"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "7.2.12"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.3.15"
            },
            {
              "status": "affected",
              "version": "7.3.16"
            },
            {
              "status": "affected",
              "version": "7.3.2"
            },
            {
              "status": "affected",
              "version": "7.5.1"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.5.2"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "7.5.12"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.3.3"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "7.3.4"
            },
            {
              "status": "affected",
              "version": "7.6.2"
            },
            {
              "status": "affected",
              "version": "7.5.3"
            },
            {
              "status": "affected",
              "version": "7.7.2"
            },
            {
              "status": "affected",
              "version": "7.9.1"
            },
            {
              "status": "affected",
              "version": "7.10.1"
            },
            {
              "status": "affected",
              "version": "7.8.2"
            },
            {
              "status": "affected",
              "version": "7.5.4"
            },
            {
              "status": "affected",
              "version": "7.8.22"
            },
            {
              "status": "affected",
              "version": "7.7.21"
            },
            {
              "status": "affected",
              "version": "7.9.2"
            },
            {
              "status": "affected",
              "version": "7.3.5"
            },
            {
              "status": "affected",
              "version": "7.5.5"
            },
            {
              "status": "affected",
              "version": "7.11.1"
            },
            {
              "status": "affected",
              "version": "7.10.2"
            },
            {
              "status": "affected",
              "version": "24.1.1"
            },
            {
              "status": "affected",
              "version": "7.3.6"
            },
            {
              "status": "affected",
              "version": "7.11.2"
            },
            {
              "status": "affected",
              "version": "24.2.1"
            },
            {
              "status": "affected",
              "version": "24.1.2"
            },
            {
              "status": "affected",
              "version": "24.2.11"
            },
            {
              "status": "affected",
              "version": "24.3.1"
            },
            {
              "status": "affected",
              "version": "24.4.1"
            },
            {
              "status": "affected",
              "version": "24.2.2"
            },
            {
              "status": "affected",
              "version": "7.11.21"
            },
            {
              "status": "affected",
              "version": "24.2.20"
            },
            {
              "status": "affected",
              "version": "24.3.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\r\n\r\nThis vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.\r\nFor more information about this vulnerability, see the  section of this advisory.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "Permissions, Privileges, and Access Control",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-12T16:12:48.668Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-modular-ACL-u5MEPXMm",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm"
        },
        {
          "name": "Crafting endless AS-PATHS in BGP",
          "url": "https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/"
        }
      ],
      "source": {
        "advisory": "cisco-sa-modular-ACL-u5MEPXMm",
        "defects": [
          "CSCwk63613"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Access Control List Bypass Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20145",
    "datePublished": "2025-03-12T16:12:48.668Z",
    "dateReserved": "2024-10-10T19:15:13.215Z",
    "dateUpdated": "2025-03-21T20:32:32.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20145\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-21T20:32:16.967308Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-21T20:32:26.310Z\"}}], \"cna\": {\"title\": \"Cisco IOS XR Software Access Control List Bypass Vulnerability\", \"source\": {\"defects\": [\"CSCwk63613\"], \"advisory\": \"cisco-sa-modular-ACL-u5MEPXMm\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XR Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.5.3\"}, {\"status\": \"affected\", \"version\": \"6.5.2\"}, {\"status\": \"affected\", \"version\": \"6.5.92\"}, {\"status\": \"affected\", \"version\": \"6.5.1\"}, {\"status\": \"affected\", \"version\": \"6.6.2\"}, {\"status\": \"affected\", \"version\": \"7.0.1\"}, {\"status\": \"affected\", \"version\": \"6.6.25\"}, {\"status\": \"affected\", \"version\": \"6.6.1\"}, {\"status\": \"affected\", \"version\": \"6.5.93\"}, {\"status\": \"affected\", \"version\": \"7.1.1\"}, {\"status\": \"affected\", \"version\": \"7.0.90\"}, {\"status\": \"affected\", \"version\": \"6.6.3\"}, {\"status\": \"affected\", \"version\": \"7.0.2\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.1.2\"}, {\"status\": \"affected\", \"version\": \"7.0.11\"}, {\"status\": \"affected\", \"version\": \"7.0.12\"}, {\"status\": \"affected\", \"version\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"6.6.4\"}, {\"status\": \"affected\", \"version\": \"7.2.12\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.3.15\"}, {\"status\": \"affected\", \"version\": \"7.3.16\"}, {\"status\": \"affected\", \"version\": \"7.3.2\"}, {\"status\": \"affected\", \"version\": \"7.5.1\"}, {\"status\": \"affected\", \"version\": \"7.6.1\"}, {\"status\": \"affected\", \"version\": \"7.5.2\"}, {\"status\": \"affected\", \"version\": \"7.8.1\"}, {\"status\": \"affected\", \"version\": \"7.5.12\"}, {\"status\": \"affected\", \"version\": \"7.7.1\"}, {\"status\": \"affected\", \"version\": \"7.3.3\"}, {\"status\": \"affected\", \"version\": \"7.4.2\"}, {\"status\": \"affected\", \"version\": \"7.3.4\"}, {\"status\": \"affected\", \"version\": \"7.6.2\"}, {\"status\": \"affected\", \"version\": \"7.5.3\"}, {\"status\": \"affected\", \"version\": \"7.7.2\"}, {\"status\": \"affected\", \"version\": \"7.9.1\"}, {\"status\": \"affected\", \"version\": \"7.10.1\"}, {\"status\": \"affected\", \"version\": \"7.8.2\"}, {\"status\": \"affected\", \"version\": \"7.5.4\"}, {\"status\": \"affected\", \"version\": \"7.8.22\"}, {\"status\": \"affected\", \"version\": \"7.7.21\"}, {\"status\": \"affected\", \"version\": \"7.9.2\"}, {\"status\": \"affected\", \"version\": \"7.3.5\"}, {\"status\": \"affected\", \"version\": \"7.5.5\"}, {\"status\": \"affected\", \"version\": \"7.11.1\"}, {\"status\": \"affected\", \"version\": \"7.10.2\"}, {\"status\": \"affected\", \"version\": \"24.1.1\"}, {\"status\": \"affected\", \"version\": \"7.3.6\"}, {\"status\": \"affected\", \"version\": \"7.11.2\"}, {\"status\": \"affected\", \"version\": \"24.2.1\"}, {\"status\": \"affected\", \"version\": \"24.1.2\"}, {\"status\": \"affected\", \"version\": \"24.2.11\"}, {\"status\": \"affected\", \"version\": \"24.3.1\"}, {\"status\": \"affected\", \"version\": \"24.4.1\"}, {\"status\": \"affected\", \"version\": \"24.2.2\"}, {\"status\": \"affected\", \"version\": \"7.11.21\"}, {\"status\": \"affected\", \"version\": \"24.2.20\"}, {\"status\": \"affected\", \"version\": \"24.3.2\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm\", \"name\": \"cisco-sa-modular-ACL-u5MEPXMm\"}, {\"url\": \"https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/\", \"name\": \"Crafting endless AS-PATHS in BGP\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\\r\\n\\r\\nThis vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.\\r\\nFor more information about this vulnerability, see the  section of this advisory.\\r\\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-264\", \"description\": \"Permissions, Privileges, and Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-03-12T16:12:48.668Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-20145\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-21T20:32:32.526Z\", \"dateReserved\": \"2024-10-10T19:15:13.215Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-03-12T16:12:48.668Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2025-20145

Vulnerability from fkie_nvd - Published: 2025-03-12 16:15 - Updated: 2025-08-04 12:03

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

References

	URL	Tags
	psirt@cisco.com	https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/	Technical Description
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios_xr	6.5.1
cisco	ios_xr	6.5.2
cisco	ios_xr	6.5.3
cisco	ios_xr	6.5.92
cisco	ios_xr	6.5.93
cisco	ios_xr	6.6.1
cisco	ios_xr	6.6.2
cisco	ios_xr	6.6.3
cisco	ios_xr	6.6.4
cisco	ios_xr	6.6.25
cisco	ios_xr	7.0.1
cisco	ios_xr	7.0.2
cisco	ios_xr	7.0.11
cisco	ios_xr	7.0.12
cisco	ios_xr	7.0.14
cisco	ios_xr	7.0.90
cisco	ios_xr	7.1.1
cisco	ios_xr	7.1.2
cisco	ios_xr	7.2.1
cisco	ios_xr	7.2.2
cisco	ios_xr	7.2.12
cisco	ios_xr	7.3.1
cisco	ios_xr	7.3.2
cisco	ios_xr	7.3.3
cisco	ios_xr	7.3.4
cisco	ios_xr	7.3.5
cisco	ios_xr	7.3.6
cisco	ios_xr	7.3.15
cisco	ios_xr	7.3.16
cisco	ios_xr	7.4.1
cisco	ios_xr	7.4.2
cisco	ios_xr	7.5.1
cisco	ios_xr	7.5.2
cisco	ios_xr	7.5.3
cisco	ios_xr	7.5.4
cisco	ios_xr	7.5.5
cisco	ios_xr	7.5.12
cisco	ios_xr	7.6.1
cisco	ios_xr	7.6.2
cisco	ios_xr	7.7.1
cisco	ios_xr	7.7.2
cisco	ios_xr	7.7.21
cisco	ios_xr	7.8.1
cisco	ios_xr	7.8.2
cisco	ios_xr	7.8.22
cisco	ios_xr	7.9.1
cisco	ios_xr	7.9.2
cisco	ios_xr	7.10.1
cisco	ios_xr	7.10.2
cisco	ios_xr	7.11.1
cisco	ios_xr	7.11.2
cisco	ios_xr	7.11.21
cisco	ios_xr	24.1.1
cisco	ios_xr	24.1.2
cisco	ios_xr	24.2.1
cisco	ios_xr	24.2.2
cisco	ios_xr	24.2.11
cisco	ios_xr	24.2.20
cisco	ios_xr	24.3.1
cisco	ios_xr	24.3.2
cisco	ios_xr	24.4.1
cisco	8608	-
cisco	8804	-
cisco	8808	-
cisco	8812	-
cisco	8818	-
cisco	ncs_5504	-
cisco	ncs_5508	-
cisco	ncs_5516	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FD2C84-CD64-4C1C-BC38-2F7A2A6EEF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE98B34-501B-449A-843A-58F297EDBE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CFC77F8-4131-42E1-93A4-13149BDCDC1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "676F3DD0-6081-4C37-8E4F-210BC59C3C09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36944A2B-E4F5-41DE-AC4D-55BFA603BE5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E6EA55E-05BA-483F-AAE1-DD573D22D6A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "921B3622-76A3-4D9F-936C-25A965CE1A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "56092600-ABD2-4703-BA00-9DD0AE09B46D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B7EEF2-9B6A-43FC-8DBE-F82B8E01BCAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5C0909-27D8-4B6E-A644-9B8ADFA24266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90BEFD1-AAA5-4D39-A180-4B5ED3427AFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B842317-A5DB-4890-948A-DD26B7AE2540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7FE3667-1B5E-48FB-B3BB-1C1854FFEE72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0370A9-E422-4109-81A3-DE2118A20827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E20F814-87D4-41A5-B0A0-30AC6C6F2BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82CD7F68-9569-43F4-88ED-96F9A15C065D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C4C062-F816-41FE-ADAD-F994F4FA4A07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A07E9C56-D143-45FA-99FF-30F54A828BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F406EAA7-0607-419F-97E3-7ACEC8A3FA5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB9D0641-28F8-4CCB-AEC3-205409D1704A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ECA7B4C-8FDD-4053-B37B-E5E0969C0CB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D21DEFD5-EC43-496B-BBE1-C71C6055BC04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "83150BDE-63B7-4B36-8584-E2E950E878CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40C6D7C4-A5D9-4365-9664-EF35586925AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC41A004-2029-4E22-A88F-2B93D9786B6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "57F7D7FD-24A8-4DD4-8280-A18244059F34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A7448D1-BC19-45AB-BF6F-3434F8CA2CC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A057808-1BCA-4C7C-A2D9-0BD5B09D20F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D09FC0-73C5-4F7A-8013-0B0E5CC834FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA4A8AF-348D-4F90-B1CB-AE784E0A6EBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "23A66FF7-9BAB-40DA-8B90-C3C271D7E893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C95648D-A37A-446B-B106-12612C00A34D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DF31489-C029-4D4C-8401-26873FC469E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1807BE16-BAA9-4BC6-B98A-13D584A12821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "375746CB-695E-4019-89C9-42ED37A5E958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.7.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7D05C0-4065-448B-AAC6-F29E379F3DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8ADA2B1-FD5A-4900-953B-30951C8EF9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4C7223-3EFB-48C2-BE22-941F60826D0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EE83701-C0B7-4ED2-866B-44B7F54FCA0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "164B241C-397A-4921-BC5B-F928A21E91C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD3875D-D283-4961-BE31-750FDF9CDF56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAEC28C0-8091-49F9-88D1-CB96234BF52A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1ED2B72-A65C-47E4-87B3-D83F29428396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8904CAA5-4E01-462C-AE57-067902CD95FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7750EA99-EC55-4F94-8730-18583647BBBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.11.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFEA7A0B-E20F-4ECC-A789-A4282EAC3029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCE8E968-111F-4F57-93D3-E509AB540B87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B342A550-8600-45CF-8B9A-530770C9A0F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D64E1C4D-46B0-4A18-B8EE-BEA732CBF1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "52002032-AB4E-4F3C-B832-EAA83F9EF97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "11288A28-F0CF-4FEC-A0B7-3D93866F01FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D1FF2C-A40C-44EB-AAB1-A70B94E3D717",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FD120B9-0671-473C-8420-872E5BB9933F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7288D433-8CFC-4589-BBCA-466B497251E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:24.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB813A-DAC5-4F74-B998-D5284B90BBB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8608:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B8D161-2D5E-4BD8-9518-B2FAB73ADEEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AC4E089-296D-4C19-BF21-DDF2501DD77C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\r\n\r\nThis vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.\r\nFor more information about this vulnerability, see the  section of this advisory.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de la lista de control de acceso (ACL) en la direcci\u00f3n de salida del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado omita una ACL configurada. Esta vulnerabilidad existe porque ciertos paquetes se gestionan incorrectamente cuando se reciben en una interfaz de entrada de una tarjeta de l\u00ednea y se dirigen a una interfaz de salida de otra tarjeta de l\u00ednea donde est\u00e1 configurada la ACL de salida. Un atacante podr\u00eda explotar esta vulnerabilidad intentando enviar tr\u00e1fico a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir una ACL de salida en el dispositivo afectado. Para obtener m\u00e1s informaci\u00f3n sobre esta vulnerabilidad, consulte la secci\u00f3n de este aviso. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que la solucionen."
    }
  ],
  "id": "CVE-2025-20145",
  "lastModified": "2025-08-04T12:03:18.687",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-03-12T16:15:22.040",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Technical Description"
      ],
      "url": "https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}

CVE-2025-20145

Vulnerability from fstec - Published: 02.09.2024

Title

Уязвимость функции фильтрация исходящих пакетов IPv4 и IPv6 операционной системы Cisco IOS XR, позволяющая нарушителю обойти существующие ограничения безопасности

Description

Уязвимость функции фильтрация исходящих пакетов IPv4 и IPv6 операционной системы Cisco IOS XR связана с недостатками разграничения доступа на основе списка управления доступом (ACL). Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти существующие ограничения безопасности

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Vendor

Cisco Systems Inc.

Software Name

Cisco IOS XR

Software Version

до 25.1.1 (Cisco IOS XR), - (Cisco IOS XR), до 7.11.21 (Cisco IOS XR), от 24.1 до 24.2.2 (Cisco IOS XR)

Possible Mitigations

Использование рекомендаций производителя: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/

CWE

CWE-264

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 25.1.1 (Cisco IOS XR), - (Cisco IOS XR), \u0434\u043e 7.11.21 (Cisco IOS XR), \u043e\u0442 24.1 \u0434\u043e 24.2.2 (Cisco IOS XR)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.03.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.03.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-02698",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-20145",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS XR",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. Cisco IOS XR \u0434\u043e 25.1.1 8608 Routers, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 25.1.1 8804 Routers, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 25.1.1 8808 Routers, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 25.1.1 8812 Routers, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 25.1.1 8818 Routers, Cisco Systems Inc. Cisco IOS XR - Cisco IOS XR White box (IOSXRWBD), Cisco Systems Inc. Cisco IOS XR \u0434\u043e 7.11.21 NCS S5504, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 7.11.21 NCS S5508, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 7.11.21 NCS S5516, Cisco Systems Inc. Cisco IOS XR \u043e\u0442 24.1 \u0434\u043e 24.2.2 NCS S5504, Cisco Systems Inc. Cisco IOS XR \u043e\u0442 24.1 \u0434\u043e 24.2.2 NCS S5508, Cisco Systems Inc. Cisco IOS XR \u043e\u0442 24.1 \u0434\u043e 24.2.2 NCS S5516",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 IPv4 \u0438 IPv6 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS XR, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (CWE-264)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 IPv4 \u0438 IPv6 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS XR \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u043f\u0438\u0441\u043a\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (ACL). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm\nhttps://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-264",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,8)"
}

GHSA-CQP7-CMGP-M73G

Vulnerability from github – Published: 2025-03-12 18:32 – Updated: 2025-03-12 18:32

Details

A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.

This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device. For more information about this vulnerability, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Severity ?

5.8 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-20145"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-12T16:15:22Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\n\nThis vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.\nFor more information about this vulnerability, see the  section of this advisory.\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.",
  "id": "GHSA-cqp7-cmgp-m73g",
  "modified": "2025-03-12T18:32:52Z",
  "published": "2025-03-12T18:32:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20145"
    },
    {
      "type": "WEB",
      "url": "https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-20145 (GCVE-0-2025-20145)

FKIE_CVE-2025-20145

CVE-2025-20145

GHSA-CQP7-CMGP-M73G

Tags

Sightings

Nomenclature